bg-jobs
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends the installation of the 'agentcli-helpers' package via the 'uv' tool to enable its functionality.
- [COMMAND_EXECUTION]: The core functionality of the skill involves executing arbitrary shell commands provided by the user in a background process.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. * Ingestion points: Untrusted data is ingested when the agent reads job logs or standard output via the 'bg read' or 'bg logs' commands (stored in ~/.bgjobs/). * Boundary markers: There are no boundary markers or instructions to ignore embedded commands when the agent processes these logs. * Capability inventory: The skill has the capability to execute further shell commands using 'bg run'. * Sanitization: No sanitization or filtering is performed on the output generated by background jobs before it is presented to the agent.
Audit Metadata